Why the feds smashed Megaupload

After a two-year investigation that moved from Hong Kong to the US to New …

The US government dropped a nuclear bomb on "cyberlocker" site Megaupload today, seizing its domain names, grabbing $50 million in assets, and getting New Zealand police to arrest four of the site's key employees, including enigmatic founder Kim Dotcom. In a 72-page indictment unsealed in a Virginia federal court, prosecutors charged that the site earned more than $175 million since its founding in 2005, most of it based on copyright infringement.

As for the site's employees, they were paid lavishly and they spent lavishly. Even the graphic designer, 35-year-old Slovakian resident Julius Bencko, made more than $1 million in 2010 alone.

The indictment goes after six individuals, who between them owned 14 Mercedes-Benz automobiles with license plates such as "POLICE," "MAFIA," "V," "STONED," "CEO," "HACKER," GOOD," "EVIL," and—perhaps presciently—"GUILTY." The group also had a 2010 Maserati, a 2008 Rolls-Royce, and a 1989 Lamborghini. They had not one but three Samsung 83" TVs, and two Sharp 108" TVs. Someone owned a "Predator statue." Motor bikes, jet skis, artwork, and even 60 Dell servers could all be forfeit to the government if it can prove its case against the members of the "Mega Conspiracy."

The case is a major one, involving international cooperation between the US, Hong Kong, the Netherlands, the UK, Germany, Canada, and the Philippines. In addition to the arrests, 20 search warrants were executed today in multiple countries.

No safe harbor for you

Going after Megaupload, one of the most popular sites in the world and one that uses a surprising amount of corporate bandwidth, might seem a strange choice. (As an example of its scale, Megaupload controlled 525 servers in Virginia alone and had another 630 in the Netherlands—and many more around the world.) For years, the site has claimed to take down unauthorized content when notified by rightsholders. It has registered a DMCA agent with the US government. It has created an “abuse tool” and given rightsholders access. It has negotiated with companies like Universal Music Group about licensing content. And CEO Kim Dotcom sent this curious e-mail to PayPal in late 2011:

Our legal team in the US is currently preparing to sue some of our competitors and expose their criminal activity. We like to give you a heads up and advice [sic] you not to work with sites that are known to pay up loaders for pirated content. They are damaging the image and the existence of the file hosting industry (see what's happening with the Protect IP Act). Look at Fileserve.com, Videobb.com, Filesonic.com, Wupload.com, Uploadstation.com. These sites pay everyone (no matter if the files are pirated or not) and have NO repeat infringer policy. And they are using PayPal to pay infringers.

But the government asserts that Megaupload merely wanted the veneer of legitimacy, while its employees knew full well that the site's main use was to distribute infringing content. Indeed, the government points to numerous internal e-mails and chat logs from employees showing that they were aware of copyrighted material on the site and even shared it with each other. Because of this, the government says that the site does not qualify for a “safe harbor” of the kind that protected YouTube from Viacom's $1 billion lawsuit.

For instance, the “abuse tool” allegedly does not remove the actual file being complained about by a rightsholder. Instead, it only removes a specific Web address linked to that file—but there might be hundreds of such addresses for popular content.

In addition, the government contends that everything about the site has been doctored to make it look more legitimate than it is. The “Top 100” download list does not “actually portray the most popular downloads,” say prosecutors, and they claim that Megaupload purposely offers no site-wide search engine as a way of concealing what people are storing and sharing through the site.

Megaupload employees apparently knew how the site was being used. When making payments through its “uploader rewards” program, employees sometimes looked through the material in those accounts first. "10+ Full popular DVD rips (split files), a few small porn movies, some software with keygenerators (warez)," said one of these notes. (The DMCA does not provide a "safe harbor" to sites who have actual knowledge of infringing material and do nothing about it.)

In a 2008 chat, one employee noted that "we have a funny business... modern days [sic] pirates :)," to which the reply was, "we're not pirates, we're just providing shipping servies [sic] to pirates :)."

Employees send each other e-mails saying things like, “can u pls get me some links to the series called ‘Seinfeld’ from MU [Megaupload]," since some employees did have access to a private internal search engine.

Employees even allegedly uploaded content themselves, such as a BBC Earth episode uploaded in 2008.

Other messages appear to indicate that employees knew how important copyrighted content was to their business. Content owners had a specific number of takedown requests they could make each day; in 2009, for instance, Time Warner was allowed to use the abuse tool to remove 2,500 links per day. When the company requested an increase, one employee suggested that "we can afford to be cooperative at current growth levels"— implying that if growth had not been so robust, takedowns should be limited. Kim Dotcom approved an increase to 5,000 takedowns a day.

Employees also had access to analytics. One report showed that a specific linking site had “produce[d] 164,214 visits to Megaupload for a download of the copyrighted CD/DVD burning software package Nero Suite 10. The software package had the suggested retail price of $99.” The government's conclusion: Megaupload knew what was happening and did little to stop it.

The need for care

Yet the indictment seems odd in some ways. When Viacom made many of the same charges against YouTube, it didn't go to the government and try to get Eric Schmidt or Chad Hurley arrested.

It's also full of strange non-sequiturs, such as the charge that "on or about November 10, 2011, a member of the Mega Conspiracy made a transfer of $185,000 to further an advertising campaign for Megaupload.com involved a musical recording and a video." So?

The money probably paid for a video that infuriated the RIAA by including major artists who support Megaupload. Megaupload later filed claims in US courts, trying to save the video, which it says was entirely legal, from takedown requests. (The RIAA has long said the site operators "thumb their noses at international laws, all while pocketing significant advertising revenues from trafficking in free, unlicensed copyrighted materials.")

Given that the site was already using US courts to file actions; given that the government had Megaupload e-mails talking about using US lawyers to file cases against other "pirate" sites; given that the site did at least take down content and built an abuse tool; and given that big-name artists support the site, the severity of the government's reaction is surprising.

There's no doubt that the indictment makes Megaupload look bad, though, and we're quite curious to see what comes of the case—especially once the site has a chance to respond.

Law professor James Grimmelmann of New York Law School tells Ars, "If proven at trial, there's easily enough in the indictment to prove criminal copyright infringement many times over. But much of what the indictment details are legitimate business strategies many websites use to increase their traffic and revenues: offering premium subscriptions, running ads, rewarding active users.

"I hope that if this case goes to trial and results in convictions, that the court will be careful in sorting out just what Megaupload did that crossed the line of criminality."

The MPAA doesn't have any doubts, though. "By all estimates, Megaupload.com is the largest and most active criminally operated website targeting creative content in the world," it said in a statement. "This criminal case, more than two years in development, shows that law enforcement can take strong action to protect American intellectual property stolen through sites housed in the United States."

347 Reader Comments

If all the internal email stuff that they're saying is true, I'd support this. It is a little odd in how thoroughly they've gone after the site, but I'm not opposed to legitimate anti-piratical action.

"This criminal case, more than two years in development, shows that law enforcement can take strong action to protect American intellectual property stolen through sites housed in the United States."

So the MPAA has just admitted that there is zero need for SOPA/PIPA. This was a foreign company, and using the courts and existing legal tools, law enforcement coordinated a successful multinational takedown. The system works.

I'll be curious to see how this turns out. If they really were aware at the top levels of the piracy issue, then yeah they deserve it. But employees chatting with each other dosen't prove much to me, I've seen that internally at a lot of companies.

So now that napster for movies/tv has been shutdown, how long until someone builds itunes? I don't know what the model looks like, but it's clear given the success of megaupload and comments by Gabe et al. that the distribution problem needs to be solved. I am all for paying, but I would like to be able to get a choice of 1080p, 720p, BR-DVD quality, in .mp4, .mkv, and other useful codecs. All media in one place, at any file size, for a flat fee. It's all bits after all.

From the article:The “Top 100” download list does not “actually portray the most popular downloads,” say prosecutors, and they claim that MegaUpload purposely offers no site-wide search engine as a way of concealing what people are storing and sharing through the site.

Really? I can make this argument against RIAA too."RIAA purposely offers no search engine of its copyrighted material as a way of concealing what they have copyright over."Not sure why is this would be a crime or even worth mentioning on a trial though.

"This criminal case, more than two years in development, shows that law enforcement can take strong action to protect American intellectual property stolen through sites housed in the United States."

So the MPAA has just admitted that there is zero need for SOPA/PIPA. This was a foreign company, and using the courts and existing legal tools, law enforcement coordinated a successful multinational takedown. The system works.

When are they going to go after the usenet sites that advertise around retention, speed, and completion? Interestingly enough, the only files I've gotten off the upload sites have been legal (android stuff).

So the MPAA has just admitted that there is zero need for SOPA/PIPA. This was a foreign company, and using the courts and existing legal tools, law enforcement coordinated a successful multinational takedown. The system works.

Except this system requires effort and proof on their part - which they'd rather not bother to get. They'd rather have a simple system that shuts down anyone they don't particularly like.

I'm curious what the prosecution would say if MegaUpload did have a search engine tool. Then they'd be "encouraging users to search for copyrighted content". But not having a search feature to avoid people doing just that is evil too. Basically - hosting files online is evil.

"This criminal case, more than two years in development, shows that law enforcement can take strong action to protect American intellectual property stolen through sites housed in the United States."

So the MPAA has just admitted that there is zero need for SOPA/PIPA. This was a foreign company, and using the courts and existing legal tools, law enforcement coordinated a successful multinational takedown. The system works.

SOPA/PIPA/OPEN let them go after sites that aren't breaking the law.

I'd go a step further in the description by saying that SOPA/PIPA/OPEN allows the MPAA/RIAA to go after sites without the need for due process of the law.

At a minimum PIPA and SOPA need to be held until theese cases play out. On the surface there are legal protections out the ying yang to allow current laws to work effectively. Additional law is un-necessary unless its one big content and the government collectively wish to abuse for their own purposes later on.

I think the government's action today will put people off from cloud storage for a long time. Mega upload may have had a lot of illegal content but there was also a lot of user created content. XDA developers uploaded a lot of their roms to megaupload. If the government can shut down a site because they have illegal content even when they are trying to remove it then what will keep sites like dropbox, ubuntuone and gstorage safe? Heck 90% of my google music content is pirated material, what's to keep the government from shutting that service down?

This is all a travesty. Of course, Ars partakes in the smear campaign of the RIAA MPAAA...

It's clearly time to end "copyright" and the TYRANNY of "IP."'Copyrighting' is morally wrong.

No, we're reporting on an indictment; we do it all the time.

Really? My problem was the 2nd paragraph...

Quote:

The indictment goes after six individuals, who between them owned 14 Mercedes-Benz automobiles with license plates such as "POLICE," "MAFIA," "V," "STONED," "CEO," "HACKER," GOOD," "EVIL," and—perhaps presciently—"GUILTY." The group also had a 2010 Maserati, a 2008 Rolls-Royce, and a 1989 Lamborghini. They had not one but three Samsung 83" TVs, and two Sharp 108" TVs. Someone owned a "Predator statue." Motor bikes, jet skis, artwork, and even 60 Dell servers could all be forfeit to the government if it can prove its case against the members of the "Mega Conspiracy.

It seems you publish it to create a biased opinion on the character of the alleged "pirates." Hardly objective.

It looks like they were careless and got caught out. It won't make a difference in the long run and personally I think it's a shame when anything that damages the business model of the RIAA/MPAA is damaged. I'd support almost anyone against those guys because I really would like to see them go out of business and lose everything they have.

I haven't bought a CD in 10 years or a DVD in about 6 years and I don't ever intend to.

The thousands of links pointing to one file thing is pretty damning, as are the internal e-mails, and knowing that their most popular downloads are infringing content.

This is what we wanted, no? The copyright holders working with the country's law enforcement to bring the alleged infringers to trial. We'll have to wait for the details of the trail to see the outcome.

If this isn't the type of action we want copyright holders - however scummy they themselves may be - to be able to take, what actions should they be able to take? In this case they worked with local law enforcement and seem to be going through all the messy judiciary process.

What actions should they be able to take to go after sites like MegaUpload, Napster, Rapidshare, etc. whose main purpose does seem to be trading in infringing material and doing everything they can to thwart things like the DMCA which interfere with their main business - infringing content.*

tigas - I'd imagine that rapidshare and filesonic are in their sites as well.

Romberry - I don't think there has been a verdict. There have been arrests; however.

I'd imagine in a case like this intent is a huge thing. If MegaUpload was legitimately responding to take down notices and not setting up a nearly impossible round robin style whack a mole, they'd be fine under the DMCA. . . Also, I'd imagine there'd be an argument that they did little or nothing to ban the most active users who happened to be actively uploading Hollywood's latest. From the sounds of it, this wasn't the case - and I can't think of a "legitimate" file I'd go to MegaUpload for, but search for a popular anything and download and they're likely to be listed fairly high up in the search results.

If their employees are actually found to be openly infringing as well, then there's a good chance that the "corporate veil" may be pierced and the employees and/or owners - assuming the owners have similar e-mails floating about - may become personally liable.

Edit: grammar and *.

*My assumption based on search results for anything relatively new or popular.

If the government can shut down a site because they have illegal content even when they are trying to remove it

Except that, from the article, it seems like they *weren't* trying to remove it, just the opposite. They'd remove one link among potentially thousands, but continue hosting the file that all those thousands of links pointed to. (Especially damning if all the files have the same file-name and checksum, and / or they're using some sort of deduplication so that all the links really did point to 1 file.)

Nice to here it did have *some* legitimate uses, and it'll be interesting to see how the trial goes.

Taking down this one site will show successors exactly where to paint lines if they want to keep plausible deniability. A host of smaller successors will also spread infringement out over multiple targets, making enforcement action much more challenging.

It reminds me of Sisyphus pushing that boulder up the hill. Eventually they're either going to perpetuate current models through increasingly draconian laws (see Copyright for the first half of the equation) or buckle to current market conditions and promote more customer-friendly distribution options.

The DMCA does not provide a "safe harbor" to sites who have actual knowledge of infringing material and do nothing about it

What is actual knowledge? If Megaupload admins talked about an user having "10+ Full popular DVD rips", does it mean they know they have infringing material, or would they need to unzip it and play it to verify?